Hackers Select a New Target: Other Hackers

Somini Sengupta and Nick Bilton|The New York Times

Tuesday, 5 Jul 2011 | 12:26 AM ETThe New York Times

SHARES

The hackers, calling themselves the A-Team, assembled a trove of private information and put it online for all to see: names, aliases, addresses, phone numbers, even details about family members and girlfriends.

Nick Rowe | Photodisc | Getty Images

But their targets were not corporate executives, government officials or clueless bank customers. They were other hackers.

And in trying to unmask the identities of the members of a group known as Lulz Security, the A-Team was aiming to take them down a peg - and, indirectly, to help law enforcement officials lock them up.

The core members of Lulz Security "lack the skill to do anything more than go after the low-hanging fruit," the A-Team sneered in its posting last month.

In recent weeks, attacks on companies like Sony and government sites like senate.gov have raised concerns about increasingly organized and brazen hackers. On Monday, a Twitter account for Fox News was hijacked.

But much of the hacking scene is a fractious free-for-all, with rival groups and lone wolves engaged in tit-for-tat attacks on each other, often on political or ideological grounds but sometimes for no better reason than to outwit - or out-hack - the other guy.

The members of Lulz Security, or LulzSec, have been at the center of the sniping lately. The group won global attention through attacks on the C.I.A., Sony, the Arizona state police and other organizations, putting at risk the personal information of tens of thousands of people in the process. Even as they attacked, the LulzSec members craftily concealed their own identities, all the while articulating an ever-changing menu of grievances, from government corruption to consumer rights.

LulzSec's provocative attacks and flamboyant style made it a tempting target. Other hackers, equally adept at maintaining their anonymity, have been seeking to penetrate the online aliases of the group's members.

Late last month, LulzSec announced that it was disbanding, and that its members would continue their activities under other banners. But the F.B.I. and other agencies are continuing their pursuit, aided by information unearthed by other hackers. In fact, the Lulz Security members face the real possibility that if they are caught, it will be their fellow hackers who led the authorities to their doorsteps.

"This unfortunately represents one of few ways law enforcement gets good inroads into this community," said Bill Woodcock, research director at the Packet Clearing House, a nonprofit group in Berkeley, Calif., that tracks Internet traffic.

In hacker parlance, to be unmasked is to be dox'd, as in documented. And by hacker logic, to be dox'd is to be put out of business. An online alias is an essential weapon: it conceals a person's name and whereabouts, while allowing the creation of an alternate identity.

Indeed, the handbook for new recruits to Anonymous, the global hacker collective from which Lulz Security sprang earlier this year, contains tips on safeguarding one's identity - from how to steer clear of Web sites that track online activity to masking one's Internet provider.

One of the tools it suggests is Tor, a network of virtual tunnels originally developed by the United States Naval Research Laboratory to protect online government communications. "In our world," the handbook concludes, "a good defense is the best offense."

Despite the detailed profiling by the A-Team and other hacker groups including Team Poison and Web Ninjas, no professed Lulz Security member has admitted to being dox'd, and some have merrily denied it. But the campaign seems to have had some effect.

The A-Team's supposed outing of seven of Lulz Security's members coincided with the group's announcement that it was disbanding. And a spokesman for the group, using the alias Topiary, bid a public farewell in typically impish language: "Sailing off - watch your backs and follow the north wind, brazen sailors of the 'verse."

The A-Team posting about LulzSec included mundane personal details. The sister of one purported LulzSec member, it said, was a bartender in a bowling alley in a small British town. Another member was described as "very ugly." A third, the group railed, cannot hack at all: "He doesn't actually do anything except give interviews."

Part of the posting, complete with misspellings, went to the heart of the hackers' paradox: "If your anonymous no one can find you. No one can hurt you, so your invincible," it said. "The problem with this idealogy, is it's on the internet. The internet by definition is not anonymous. Computers have to have attribution. If you trace something back far enough you can find its origins."

Lulz Security was not above outing one of its own. A member known as m_nerva leaked some of its chat room discussions to the media. In retaliation the group posted what it said was m_nerva's personal information, including an address in Hamilton, Ohio.

Last week the F.B.I. raided a home in Hamilton but made no arrests, according to local media reports. An F.B.I. spokeswoman, Jenny Shearer, would not comment on what she said was a continuing investigation.

In an interview with the BBC Web site, a spokesman for LulzSec who called himself Whirlpool said of the group's opponents: "They keep trying to bring us down, we mock them, they get flustered and make snide comments, we laugh."

Meanwhile the Web Ninjas, who publish a blog called LulzSec Exposed, declared their intentions this way: "We have tried our best doxing LulzSec and keep doing it until we see them behind bars."

Topiary's fellows do not seem to be in a mood to venture off into the north wind forever. Since announcing its dissolution, LulzSec has melted into a broader movement called AntiSec, which potentially has thousands of hackers on its side, including those associated with Anonymous. Hackers have continued to torment the Arizona police because of their role in a state crackdown on illegal immigrants, leaking officers' personal e-mail last week.

Security companies and government agencies have a long history of relying on current or former hackers in the fight against computer crimes. One new wrinkle is the way that attacks on government targets have given rise to a small but loud faction of patriotic, presumably American hackers who are fighting back on their own, said Gabriella Coleman, an assistant professor at New York University who is researching a book on Anonymous. The fights have also become more public and spectacular, in part because of platforms like Twitter.

"Warring becomes an art form itself," Ms.Coleman said.

"There is that game quality to it. They're claiming they can't be found. It's a huge trophy if you can."